Winny Thomas

Name of the Vulnerable Software and Affected Versions: CA BrightStor ARCserve Backup R11.5 Server versions prior to SP2 Description: The issue concerns multiple buffer overflows that allow remote attackers to execute arbitrary code in the Tape Engine (tapeeng.exe) via crafted RPC requests. Specifically, the problem lies in the handling of opnum 38 in TAPEUTIL.dll 11.5.3884.0 and opnum 37 in TAPEENG.dll 11.5.3884.0. Recommendations: For CA BrightStor ARCserve Backup R11.5 Server versions prior to SP2, apply Service Pack 2 to resolve the issue.

PNP GetDeviceList (upnp getdevicelist) in UPnP for Microsoft Windows 2000 SP4 and earlier, and possibly Windows XP SP1 and earlier, allows remote attackers to cause a denial of service (memory consumption) via a DCE RPC request that specifies a large output buffer size, a variant of CVE-2006-6296, and a different vulnerability than CVE-2005-2120.